eternity | c87944569ee3472607f5c02b5d249c6d817de90c4c143349a0905b2a8c6284ef | Triage

Sharing

General

Target

9247803ef08a9aaaa9c9f4595d5946e0.exe
Size

2.1MB
Sample

230520-1cfsyshd6t
MD5

9247803ef08a9aaaa9c9f4595d5946e0
SHA1

774ec9e0cdfe0816703960039e0a21af5dd94b46
SHA256

c87944569ee3472607f5c02b5d249c6d817de90c4c143349a0905b2a8c6284ef
SHA512

245d9289daa37eb287c3de3ac2b621104415907d4b3bdc08ba47ed90fd7c51fafd29c0439f44e81ce22941f9393eb92d1359fa4a79c8a78261174e515c5f4abf
SSDEEP

49152:IlCF2ZorKJtQvwAqyoWNN1HdFvo9ZYPWp6:39wAqyoW93voZYPz

Score

10^/10

eternity

Malware Config

Extracted

Family

eternity

Attributes

payload_urls
http://167.88.170.23/swo/sw.exe

http://167.88.170.23/swo/swo.exe,http://167.88.170.23/1300.exe

Targets

- Target
  
  9247803ef08a9aaaa9c9f4595d5946e0.exe
- Size
  
  2.1MB
- MD5
  
  9247803ef08a9aaaa9c9f4595d5946e0
- SHA1
  
  774ec9e0cdfe0816703960039e0a21af5dd94b46
- SHA256
  
  c87944569ee3472607f5c02b5d249c6d817de90c4c143349a0905b2a8c6284ef
- SHA512
  
  245d9289daa37eb287c3de3ac2b621104415907d4b3bdc08ba47ed90fd7c51fafd29c0439f44e81ce22941f9393eb92d1359fa4a79c8a78261174e515c5f4abf
- SSDEEP
  
  49152:IlCF2ZorKJtQvwAqyoWNN1HdFvo9ZYPWp6:39wAqyoW93voZYPz
Score

10^/10

eternity
- Eternity
  Eternity Project is a malware kit offering an info stealer, clipper, worm, coin miner, ransomware, and DDoS bot.
  eternity
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2